1 ## This file is part of the coreboot project.
3 ## Copyright (C) 2018-2019 Eltan B.V.
5 ## This program is free software; you can redistribute it and/or modify
6 ## it under the terms of the GNU General Public License as published by
7 ## the Free Software Foundation; version 2 of the License.
9 ## This program is distributed in the hope that it will be useful,
10 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
11 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 ## GNU General Public License for more details.
15 menu "Verified Boot (verified_boot)"
17 config VENDORCODE_ELTAN_VBOOT
18 bool "Enable Verified Boot"
22 config VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
23 bool "Enable Signed Manifest"
24 depends on VENDORCODE_ELTAN_VBOOT
27 config VENDORCODE_ELTAN_VBOOT_USE_SHA512
29 depends on VENDORCODE_ELTAN_VBOOT
32 Use SHA512 for the vboot operations, this applies to the digest in
33 the manifest and the manifest digest.
35 config VENDORCODE_ELTAN_OEM_MANIFEST_LOC
36 hex "Manifest Location"
39 config VENDORCODE_ELTAN_VBOOT_MANIFEST
40 string "Verified boot manifest file"
41 default "mainboard/$(MAINBOARD_DIR)/manifest.h"
43 config VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS
47 config VENDORCODE_ELTAN_OEM_MANIFEST_ITEM_SIZE
49 default 64 if VENDORCODE_ELTAN_VBOOT_USE_SHA512
52 config VENDORCODE_ELTAN_VBOOT_KEY_LOCATION
53 hex "Verified boot Key Location"
54 depends on VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
57 config VENDORCODE_ELTAN_VBOOT_KEY_FILE
58 string "Verified boot Key File"
59 depends on VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
60 default "3rdparty/eltan/verified_boot/Keys/key.vbpubk2"
62 config VENDORCODE_ELTAN_VBOOT_KEY_SIZE
64 default 610 if VENDORCODE_ELTAN_VBOOT_USE_SHA512
67 endmenu # Verified Boot (verified_boot)